Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MFFCqYnJQyyhT3rYu11TUxNbdyQ.roa
File: MFFCqYnJQyyhT3rYu11TUxNbdyQ.roa (raw, json)
Hash identifier: sc32coiTLmY4jtEd42H9cncWtAMxB91xZHlWDiVqK0s=
Subject key identifier: 30:51:42:A9:89:C9:43:2C:A1:4F:7A:D8:BB:5D:53:53:13:5B:77:24
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019E3068D3CA07863F84FE8FEB4084E148BC
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MFFCqYnJQyyhT3rYu11TUxNbdyQ.roa
Signing time: Sat 16 May 2026 10:50:36 +0000
ROA not before: Sat 16 May 2026 10:50:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209811
IP address blocks: 91.224.41.0/24 maxlen: 24
93.120.8.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:68:d3:ca:07:86:3f:84:fe:8f:eb:40:84:e1:48:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 16 10:50:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=305142a989c9432ca14f7ad8bb5d5353135b7724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:89:22:f5:10:cc:e8:f8:12:f7:94:f1:00:6f:
67:2a:0d:30:9b:f6:64:92:85:d1:75:92:08:db:c0:
42:ac:51:16:b2:76:d5:83:6e:e4:1f:14:08:40:09:
51:2a:a7:d2:38:c7:a9:d3:a3:87:b7:5a:a8:df:e8:
29:75:74:9b:70:c9:51:29:e5:c8:96:07:1e:7a:03:
c8:3b:8d:d6:a3:b7:40:7a:5e:03:8d:58:3c:bd:4e:
f7:f0:a6:6a:61:1f:f2:27:91:9a:ec:e4:c9:c7:9a:
f5:3b:46:c6:af:12:dc:2c:f3:5d:21:66:8b:ae:be:
ef:db:4d:7f:fa:cc:1d:d4:57:20:db:d7:31:03:01:
25:98:08:5a:8c:17:79:6d:80:df:17:aa:69:a1:46:
10:19:b3:51:17:02:b2:b9:00:d3:3c:18:d7:15:07:
19:35:47:79:4b:aa:2a:41:c2:cb:ab:49:e6:34:87:
f4:a0:3c:0b:2f:92:ef:bc:73:db:64:e0:be:cc:ef:
18:05:59:24:07:eb:52:28:bd:6a:fa:1c:e7:8c:a1:
bc:79:ef:41:ac:16:8a:10:ee:14:74:a1:ae:62:68:
2f:2a:2c:36:d5:cb:5b:c2:95:30:da:92:75:47:74:
f6:69:9c:6a:be:19:c5:5a:ca:32:3a:d0:51:27:b5:
48:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:51:42:A9:89:C9:43:2C:A1:4F:7A:D8:BB:5D:53:53:13:5B:77:24
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MFFCqYnJQyyhT3rYu11TUxNbdyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.41.0/24
93.120.8.0/23
Signature Algorithm: sha256WithRSAEncryption
20:83:e1:cb:25:98:9d:bf:c5:9a:0a:a4:d2:c8:cd:96:0b:d1:
3d:cc:be:cd:39:56:fb:53:db:59:2a:f9:3d:97:9f:30:28:fa:
4c:6e:61:9a:10:a2:f2:c6:e6:de:de:bb:96:d8:e0:25:07:8e:
3b:2d:91:bc:e9:59:e6:5d:87:61:3c:ca:8a:b8:cc:ba:9c:aa:
1b:ce:b1:f5:dd:f6:b6:16:57:e8:2a:b9:a0:a1:0f:23:a8:c2:
4b:38:25:e9:77:b1:63:13:7b:e3:ee:88:a4:c5:10:b3:1b:c5:
b5:a1:d6:49:b9:9d:a9:9a:3b:32:29:2e:07:d1:ee:29:d5:0e:
58:67:e0:64:18:2a:93:9c:ff:df:75:39:46:e3:e2:36:d1:f9:
55:31:9d:f7:f8:1e:b1:99:7b:12:be:ae:52:3c:1b:f3:b2:e2:
44:67:b5:ec:7e:ff:1d:23:41:d7:b1:cc:bc:b9:04:26:25:e7:
08:ce:88:b8:1f:5b:27:40:79:15:b3:e4:aa:fc:2e:ac:3d:98:
55:26:b6:91:95:01:ea:20:74:d4:3e:cb:50:c2:cb:55:cd:2b:
af:9a:91:e8:6c:58:04:0d:e2:b0:f2:ec:9a:ae:3b:d2:29:7c:
0d:08:ba:a9:16:16:bd:f4:80:0f:42:23:eb:b5:ba:96:0e:71:
35:19:42:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4waNPKB4Y/hP6P60CE4Ui8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjYwNTE2MTA1MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDUxNDJhOTg5Yzk0MzJjYTE0ZjdhZDhiYjVkNTM1MzEzNWI3NzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4ki9RDM6PgS95TxAG9nKg0wm/Zk
koXRdZII28BCrFEWsnbVg27kHxQIQAlRKqfSOMep06OHt1qo3+gpdXSbcMlRKeXI
lgceegPIO43Wo7dAel4DjVg8vU738KZqYR/yJ5Ga7OTJx5r1O0bGrxLcLPNdIWaL
rr7v201/+swd1Fcg29cxAwElmAhajBd5bYDfF6ppoUYQGbNRFwKyuQDTPBjXFQcZ
NUd5S6oqQcLLq0nmNIf0oDwLL5LvvHPbZOC+zO8YBVkkB+tSKL1q+hznjKG8ee9B
rBaKEO4UdKGuYmgvKiw21ctbwpUw2pJ1R3T2aZxqvhnFWsoyOtBRJ7VI1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDBRQqmJyUMsoU962LtdU1MTW3ckMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTUZGQ3FZbkpReXloVDNyWXUxMVRVeE5iZHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+ApAwQB
XXgIMA0GCSqGSIb3DQEBCwUAA4IBAQAgg+HLJZidv8WaCqTSyM2WC9E9zL7NOVb7
U9tZKvk9l58wKPpMbmGaEKLyxube3ruW2OAlB447LZG86VnmXYdhPMqKuMy6nKob
zrH13fa2FlfoKrmgoQ8jqMJLOCXpd7FjE3vj7oikxRCzG8W1odZJuZ2pmjsyKS4H
0e4p1Q5YZ+BkGCqTnP/fdTlG4+I20flVMZ33+B6xmXsSvq5SPBvzsuJEZ7Xsfv8d
I0HXscy8uQQmJecIzoi4H1snQHkVs+Sq/C6sPZhVJraRlQHqIHTUPstQwstVzSuv
mpHobFgEDeKw8uyarjvSKXwNCLqpFha99IAPQiPrtbqWDnE1GUKo
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:01:18 2026 by rpki-client